General

Target: 4jS459oE.exe
Size: 1.2MB
Sample: 231103-ft6qgsce4w
MD5: c7bdf9f271930e91de49fecd15c74608
SHA1: 182e0da7fce4b75460d4a7035386aa072949d3ae
SHA256: 24298788ef815c8db03ed863813543276cd790e69227761dfd14a01d9ac2e899
SHA512: b5a7108c4c28fc13c679b61b003a2bd26f3ac07a55e223c3939e1bd6a5aa47f6ab70abca1c64f41d0d478e13656115139543578f5a07639067f20dd5ef4aceba
SSDEEP: 24576:XZ22dAiItf+BVHjcIoRj3csPwTSLcqDB:hItf+BVAIwPoTSLcqN
Static task: static1
Behavioral task: behavioral1 (sample 4jS459oE.exe, resource win7-20231020-en)
Behavioral task: behavioral2 (sample 4jS459oE.exe, resource win10-20231020-en)
Malware Config

Extracted
Family: redline
Botnet: grome
C2: 77.91.124.86:19084
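The file hashes under General and the C2 extracted above are the actionable indicators in this report. The following is an added example (not part of the sandbox report or its tooling) that matches them against local artifacts: it digests raw bytes with the algorithms the report lists and scans connection-log rows for the C2. The hashes and the C2 host:port are copied from the report; the Zeek-style log rows, the byte strings, and the `match_port` switch are constructed for this example.

```python
"""Match this report's indicators (sample hashes and the extracted RedLine C2)
against local artifacts: raw file bytes and connection-log rows.
Added example, not part of the sandbox report. The hashes and C2 are copied
from the report; the log rows and byte strings are constructed."""
import hashlib

# Copied from the report: digests of 4jS459oE.exe and the extracted C2.
SAMPLE_HASHES = {
    "md5": "c7bdf9f271930e91de49fecd15c74608",
    "sha1": "182e0da7fce4b75460d4a7035386aa072949d3ae",
    "sha256": "24298788ef815c8db03ed863813543276cd790e69227761dfd14a01d9ac2e899",
}
REDLINE_C2_HOST = "77.91.124.86"
REDLINE_C2_PORT = 19084


def hash_bytes(data: bytes) -> dict:
    """Digest the bytes with each algorithm in SAMPLE_HASHES (SHA512 omitted)."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_sample(data: bytes) -> bool:
    """True if any digest of `data` equals the report's corresponding digest."""
    digests = hash_bytes(data)
    return any(digests[name] == value for name, value in SAMPLE_HASHES.items())


# Constructed Zeek-style conn.log rows (tab-separated):
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
CONN_LOG = "\n".join([
    "1699030000.1\tCabc1\t10.0.0.5\t51234\t142.250.80.46\t443\ttcp",
    "1699030001.2\tCabc2\t10.0.0.5\t51235\t77.91.124.86\t19084\ttcp",
    "1699030002.3\tCabc3\t10.0.0.7\t51236\t77.91.124.86\t80\ttcp",
])


def find_c2_connections(log_text: str, host: str = REDLINE_C2_HOST,
                        port: int = REDLINE_C2_PORT, match_port: bool = True) -> list:
    """Return rows whose responder is the C2. With match_port=False the port is
    ignored, which also catches a C2 that moved ports on the same host."""
    hits = []
    for line in log_text.splitlines():
        if line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        ts, uid, orig_h, _orig_p, resp_h, resp_p, _proto = fields[:7]
        if resp_h != host:
            continue
        if match_port and int(resp_p) != port:
            continue
        hits.append({"ts": float(ts), "uid": uid, "src": orig_h,
                     "dst": f"{resp_h}:{resp_p}"})
    return hits


if __name__ == "__main__":
    print("empty buffer is the sample:", matches_sample(b""))
    for hit in find_c2_connections(CONN_LOG, match_port=False):
        print("C2 contact:", hit)
```

Exact host:port matching is the conservative default; the port-agnostic mode is the one to run over historical logs, since a stealer panel on the same host is often reachable on more than one port over its lifetime.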
Targets

Target: 4jS459oE.exe (1.2MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Score: 10/10

RedLine
RedLine Stealer is an information-stealing malware family written in C#, first seen in early 2020.

- RedLine payload
- Suspicious use of SetThreadContext (the API a process-hollowing injector uses to redirect a suspended thread's entry point into code it has written into the target process)
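A lone SetThreadContext call is not malicious by itself; what makes it suspicious is its position in the hollowing sequence (child created suspended, memory written into it from the parent, thread context rewritten, thread resumed). The following is an added example of that sequence check, not the sandbox's own signature logic. The trace format (one call per line, `caller_pid API key=value ...`), the trace content, the host paths and the stage names are all constructed for this example.

```python
"""Flag the process-hollowing call sequence behind a "Suspicious use of
SetThreadContext" signature: child created with CREATE_SUSPENDED, remote
write into it, SetThreadContext on its primary thread, then ResumeThread.
Added example, not the sandbox's own detection. The trace format and the
trace itself are constructed for this example."""
import re

CREATE_SUSPENDED = 0x00000004  # CreateProcess creation flag

LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\w+)(?P<args>.*)$")
KV_RE = re.compile(r"(\w+)=(\S+)")

# Constructed trace: pid 1000 hollows a suspended child (2000); pid 3000
# creates a normal child and calls SetThreadContext on its own thread (benign).
TRACE = "\n".join([
    r"1000 CreateProcessW path=C:\host\host.exe flags=0x4 child_pid=2000 tid=2001",
    "1000 NtUnmapViewOfSection pid=2000",
    "1000 VirtualAllocEx pid=2000 size=0x12000 protect=0x40",
    "1000 WriteProcessMemory pid=2000 size=0x12000",
    "1000 SetThreadContext tid=2001",
    "1000 ResumeThread tid=2001",
    r"3000 CreateProcessW path=C:\host\other.exe flags=0x0 child_pid=4000 tid=4001",
    "3000 SetThreadContext tid=3005",
])

# Remote-memory APIs that operate on a target pid, mapped to stage names.
STAGE_APIS = {"NtUnmapViewOfSection": "unmap", "VirtualAllocEx": "alloc",
              "WriteProcessMemory": "write"}


def parse_trace(text: str) -> list:
    """Return (caller_pid, api, {arg: value}) for each well-formed line."""
    calls = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            calls.append((int(m["pid"]), m["api"], dict(KV_RE.findall(m["args"]))))
    return calls


def detect_hollowing(text: str) -> list:
    """One finding per suspended child that receives a remote write from its
    creator and afterwards SetThreadContext on its primary thread. A following
    ResumeThread raises confidence to "high"."""
    children = {}      # child_pid -> state dict
    thread_owner = {}  # primary tid -> child_pid
    for caller, api, a in parse_trace(text):
        if api == "CreateProcessW":
            if int(a.get("flags", "0"), 16) & CREATE_SUSPENDED:
                child, tid = int(a["child_pid"]), int(a["tid"])
                children[child] = {"caller": caller, "child_pid": child, "tid": tid,
                                   "path": a.get("path"), "stages": ["create_suspended"]}
                thread_owner[tid] = child
        elif api in STAGE_APIS:
            st = children.get(int(a.get("pid", -1)))
            if st and st["caller"] == caller:
                st["stages"].append(STAGE_APIS[api])
        elif api in ("SetThreadContext", "ResumeThread"):
            st = children.get(thread_owner.get(int(a.get("tid", -1))))
            if st and st["caller"] == caller:
                st["stages"].append("set_context" if api == "SetThreadContext" else "resume")
    findings = []
    for st in children.values():
        stages = st["stages"]
        if ("write" in stages and "set_context" in stages
                and stages.index("write") < stages.index("set_context")):
            st["confidence"] = "high" if "resume" in stages else "medium"
            findings.append(st)
    return findings


if __name__ == "__main__":
    for finding in detect_hollowing(TRACE):
        print(finding)
```

The check keys on the thread's owning process rather than on the API name alone, which is why the second process's SetThreadContext on its own thread produces nothing; a suspended child that is resumed without any remote write is likewise ignored, since that is what a debugger or a launcher that sets environment variables does.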